197 matches found

CNNVD
added 2024/11/26 12:0 a.m. · 5 views

Apache NimBLE Security Vulnerability

Apache NimBLE is an open source Bluetooth 5.4 stack host and controller from the Apache Foundation, USA, that completely replaces the proprietary SoftDevice on Nordic chipsets. It is part of the Apache Mynewt project. An out-of-bounds read vulnerability exists in Apache NimBLE, which can be...

CVSS 7.5 · AI score 6.8 · EPSS 0.01155
Exploits: 0 · References: 2
BDU FSTEC
added 2024/11/26 12:0 a.m. · 3 views

The vulnerability of the btusb component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the btusb component in the Linux operating system’s kernel is related to the assignment of the NULL pointer in the btusb_mtk_hci_wmt_sync function. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 5.5 · AI score 6.1 · EPSS 0.00242
Exploits: 0 · References: 21 · Affected Software: 4
BDU FSTEC
added 2024/11/21 12:0 a.m. · 2 views

The vulnerability of the hci_event component in the Linux operating system’s kernel allows a perpetrator to gain access to confidential information.

The vulnerability of the hci_event component in the Linux operating system’s kernel is related to the disclosure of information within the hci_io_capa_request_evt function. Exploiting this vulnerability can allow an attacker to gain access to confidential information...

CVSS 3.3 · AI score 6.8 · EPSS 0.00244
Exploits: 0 · References: 45 · Affected Software: 6
OSV
added 2024/11/20 9:15 p.m. · 2 views

CVE-2024-48986

An issue was discovered in MBed OS 6.16.0. Its hci parsing software dynamically determines the length of certain hci packets by reading a byte from its header. Certain events cause a callback, the logic for which allocates a buffer the length of which is determined by looking up the event type in...

CVSS 7.5 · AI score 6.1 · EPSS 0.00463
Exploits: 0 · References: 2
OSV
added 2024/11/20 9:15 p.m. · 2 views

CVE-2024-48984

An issue was discovered in MBed OS 6.16.0. When parsing hci reports, the hci parsing software dynamically determines the length of a list of reports by reading a byte from an input stream. It then fetches the length of the first report, uses it to calculate the beginning of the second report, etc...

CVSS 9.8 · AI score 6.2 · EPSS 0.00534
Exploits: 0 · References: 2
OSV
added 2024/11/20 8:15 p.m. · 2 views

CVE-2024-48983

An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet data by reading 2 bytes from the packet header. A buffer is then allocated to contain the entire packet, the size of which is calculated as the length of the...

CVSS 7.5 · AI score 6 · EPSS 0.00436
Exploits: 0 · References: 2
CNNVD
added 2024/11/20 12:0 a.m. · 2 views

ARM Mbed OS Security Vulnerability

ARM Mbed OS is a suite of open source embedded operating systems dedicated to the Internet of Things (IoT) from the British company ARM. A security vulnerability exists in ARM Mbed OS version 6.16.0, which stems from a flaw in the way the software dynamically determines the length of the packet...

CVSS 7.5 · AI score 7.1 · EPSS 0.00347
Exploits: 0 · References: 2
CNNVD
added 2024/11/20 12:0 a.m. · 1 views

ARM Mbed OS Security Vulnerability

ARM Mbed OS is a suite of open source embedded operating systems dedicated to the Internet of Things (IoT) from the British company ARM. A security vulnerability exists in ARM Mbed OS version 6.16.0, which stems from a buffer overflow caused by its HCI parsing software when reading a byte from the...

CVSS 7.5 · AI score 7.1 · EPSS 0.00463
Exploits: 0 · References: 3
Positive Technologies
added 2024/11/20 12:0 a.m. · 2 views

PT-2024-33314 · Arm · Mbed Os

Name of the Vulnerable Software and Affected Versions: MBed OS version 6.16.0
Description: An issue was discovered in the processing of HCI packets. The software dynamically determines the length of the packet data by reading 2 bytes from the packet data. A buffer is then allocated to contain the...

CVSS 7.5 · AI score 7.4 · EPSS 0.00367
Exploits: 0 · References: 6
Positive Technologies
added 2024/11/20 12:0 a.m. · 2 views

PT-2024-33310 · Arm · Mbed Os

Name of the Vulnerable Software and Affected Versions: MBed OS version 6.16.0
Description: An issue was discovered in the processing of HCI packets. The software dynamically determines the length of the packet header by looking up the identifying first byte and matching it against a table of...

CVSS 7.5 · AI score 7.6 · EPSS 0.00347
Exploits: 0 · References: 8
Positive Technologies
added 2024/11/20 12:0 a.m. · 2 views

PT-2024-33315 · Arm · Mbed Os

Name of the Vulnerable Software and Affected Versions: Mbed OS version 6.16.0
Description: An issue was discovered in the hci parsing software of Mbed OS, where it dynamically determines the length of certain hci packets by reading a byte from its header. This can lead to a buffer overflow when t...

CVSS 7.5 · AI score 7.8 · EPSS 0.00463
Exploits: 0 · References: 6
CNNVD
added 2024/11/20 12:0 a.m. · 2 views

ARM Mbed OS Security Vulnerability

ARM Mbed OS is a suite of open source embedded operating systems dedicated to the Internet of Things (IoT) from the British company ARM. A security vulnerability exists in ARM Mbed OS version 6.16.0, which stems from the HCI parsing software allocating buffers based on the length specified in the...

CVSS 7.5 · AI score 7.1 · EPSS 0.00463
Exploits: 0 · References: 1
CNNVD
added 2024/11/20 12:0 a.m. · 1 views

ARM Mbed OS Security Vulnerability

ARM Mbed OS is a suite of open source embedded operating systems dedicated to the Internet of Things from ARM UK. A security vulnerability exists in ARM Mbed OS version 6.16.0, which originates when parsing an HCI report, where the software does not verify that the report address is located in th...

CVSS 9.8 · AI score 7 · EPSS 0.00534
Exploits: 0 · References: 1
Positive Technologies
added 2024/11/14 12:0 a.m. · 8 views

PT-2024-36898

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified
Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the Bluetooth component, specifically in the hci conn module. The fix involves using disable delayed work...

CVSS 7.8 · AI score 5.5 · EPSS 0.00737
Exploits: 0 · References: 380
RedHat Linux
added 2024/11/12 9:11 a.m. · 3 views

kernel: Bluetooth: btrtl: fix out of bounds memory access

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: fix out of bounds memory access. The problem is detected by KASAN. btrtl driver uses private hci data to store 'struct btrealtek_data'. If btrtl driver is used with btusb, then memory for private hci data is...

CVSS 6.5 · AI score 6.8 · EPSS 0.00756
Exploits: 0 · References: 4
OSV
added 2024/11/09 11:15 a.m. · 5 views

DEBIAN-CVE-2024-50255

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs. Fix __hci_cmd_sync_sk to return not NULL for unknown opcodes. __hci_cmd_sync_sk returns NULL if a command returns a status event. However, it also returns NULL where an opcode...

CVSS 5.5 · AI score 5.6 · EPSS 0.00218
Exploits: 0 · References: 1
OSV
added 2024/08/26 8:15 a.m. · 0 views

UBUNTU-CVE-2024-43884

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Add error handling to pair_device. hci_conn_params_add never checks for a NULL value and could lead to a NULL pointer dereference causing a crash. Fixed by adding error handling in the function...

CVSS 5.5 · AI score 6.2 · EPSS 0.00264
Exploits: 0 · References: 24
CNNVD
added 2024/08/21 12:0 a.m. · 3 views

Linux kernel Security Vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an xhci component that could lead to a null pointer dereference in the event of a sudden host death...

CVSS 4.7 · AI score 6.3 · EPSS 0.0024
Exploits: 0 · References: 9
SUSE CVE
added 2024/08/06 1:59 a.m. · 1 views

SUSE CVE-2024-42132

In the Linux kernel, the following vulnerability has been resolved: bluetooth/hci: disallow setting handle bigger than HCI_CONN_HANDLE_MAX. Syzbot hit warning in hci_conn_del caused by freeing handle that was not allocated using ida allocator. This is caused by handle bigger than HCI_CONN_HANDLE_MAX passe...

CVSS 5.5 · AI score 7.8 · EPSS 0.00226
Exploits: 0 · References: 10
SUSE CVE
added 2024/07/16 2:34 a.m. · 2 views

SUSE CVE-2024-40927

In the Linux kernel, the following vulnerability has been resolved: xhci: Handle TD clearing for multiple streams case. When multiple streams are in use, multiple TDs might be in flight when an endpoint is stopped. We need to issue a Set TR Dequeue Pointer for each, to ensure everything is reset...

CVSS 6.4 · AI score 6.2 · EPSS 0.00292
Exploits: 0 · References: 14